Ejemplo n.º 1
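        /// <summary>
        /// Handles the OAuth resource-owner password grant: authenticates the supplied user name and
        /// password against the internal or the external (customer) user repository and, on success,
        /// validates the context with an identity carrying name and role claims.
        /// </summary>
        /// <param name="context">Grant context that supplies the user name, the password and the OWIN response.</param>
        /// <returns>A task that completes once the context has been validated, rejected, or left untouched because ValidateApiKey returned false.</returns>
        /// <exception cref="System.InvalidOperationException">A required repository or logic service is not registered with the dependency resolver.</exception>
        /// <remarks>
        /// jwames - 8/12/2014 - original code
        /// Blank credentials are rejected with invalid_grant before any repository is called.
        /// </remarks>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // NOTE(review): the wildcard lets script on any origin call this token endpoint and read
            // the response. If only first-party front ends use it, restrict this to their origins.
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
            if (!ValidateApiKey(context))
            {
                return;
            }

            // Fail closed on blank credentials. A missing user name would otherwise reach
            // IsInternalAddress as null, and an empty password must never be forwarded to a
            // directory: some directory binds treat it as an unauthenticated bind that succeeds
            // (assumption about the repository implementation, which is not visible here).
            if (string.IsNullOrWhiteSpace(context.UserName) || string.IsNullOrEmpty(context.Password))
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            string errMsg = null;

            // determine if we are authenticating an internal or external user
            if (ProfileHelper.IsInternalAddress(context.UserName))
            {
                IUserDomainRepository ADRepo = GlobalConfiguration.Configuration.DependencyResolver.GetService(typeof(IUserDomainRepository)) as IUserDomainRepository;
                if (ADRepo == null)
                {
                    // A clear configuration error instead of a NullReferenceException further down.
                    throw new System.InvalidOperationException("IUserDomainRepository is not registered with the dependency resolver.");
                }

                bool success = await Task.Run <bool>(() => ADRepo.AuthenticateUser(context.UserName, context.Password, out errMsg));

                if (!success)
                {
                    // NOTE(review): errMsg comes from the repository and is returned verbatim to the
                    // caller. Confirm it does not distinguish "unknown user" from "wrong password"
                    // or expose lockout/disabled state, which would allow account enumeration.
                    context.SetError("invalid_grant", errMsg);
                    return;
                }
            }
            else
            {
                ICustomerDomainRepository ADRepo = GlobalConfiguration.Configuration.DependencyResolver.GetService(typeof(ICustomerDomainRepository)) as ICustomerDomainRepository;
                if (ADRepo == null)
                {
                    throw new System.InvalidOperationException("ICustomerDomainRepository is not registered with the dependency resolver.");
                }

                AuthenticationModel authentication = await Task.Run <AuthenticationModel>(() => ADRepo.AuthenticateUser(context.UserName, context.Password));

                // NOTE(review): PasswordExpired is accepted here, so a token with the user's full
                // role claim is still issued for an expired password. Presumably this lets the
                // client drive a password change; confirm something downstream limits what such
                // a token can do.
                if (!authentication.Status.Equals(AuthenticationStatus.Successful) && !authentication.Status.Equals(AuthenticationStatus.PasswordExpired))
                {
                    // NOTE(review): same disclosure concern as errMsg above.
                    context.SetError("invalid_grant", authentication.Message);
                    return;
                }
            }

            IUserProfileLogic _profileLogic = GlobalConfiguration.Configuration.DependencyResolver.GetService(typeof(IUserProfileLogic)) as IUserProfileLogic;
            if (_profileLogic == null)
            {
                throw new System.InvalidOperationException("IUserProfileLogic is not registered with the dependency resolver.");
            }

            UserProfileReturn userReturn = await Task.Run <UserProfileReturn>(() => _profileLogic.GetUserProfile(context.UserName));

            if (userReturn.UserProfiles.Count == 0)
            {
                // NOTE(review): this message is only reachable after the credentials were accepted,
                // so it confirms a valid user name/password pair and names a backend system.
                // Consider logging the detail server-side and returning a generic message.
                context.SetError("invalid_grant", "User profile does not exist in Commerce Server");
            }
            else
            {
                // Only the first returned profile is used, both for the last-login stamp and the role claim.
                _profileLogic.SetUserProfileLastLogin(userReturn.UserProfiles[0].UserId);
                var identity = new ClaimsIdentity(context.Options.AuthenticationType);
                identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
                identity.AddClaim(new Claim("name", context.UserName));
                identity.AddClaim(new Claim("role", userReturn.UserProfiles[0].RoleName));

                context.Validated(identity);
            }
        }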
Ejemplo n.º 2
 /// <summary>
 /// Creates the password reset logic and keeps a reference to each supplied dependency.
 /// </summary>
 /// <param name="unitOfWork">Stored in <c>_uow</c>.</param>
 /// <param name="userProfileRepository">Stored in <c>_profileRepo</c>.</param>
 /// <param name="customerDomainRepository">Stored in <c>_adRepo</c>.</param>
 /// <param name="passwordResetRequestRepository">Stored in <c>_passwordRepo</c>.</param>
 /// <param name="messageTemplateRepository">Stored in <c>_emailTemplateRepo</c>.</param>
 /// <param name="emailClient">Stored in <c>_emailClient</c>.</param>
 /// <param name="eventLog">Stored in <c>_log</c>.</param>
 public PasswordResetLogicImpl(
     IUnitOfWork unitOfWork,
     IUserProfileRepository userProfileRepository,
     ICustomerDomainRepository customerDomainRepository,
     IPasswordResetRequestRepository passwordResetRequestRepository,
     IMessageTemplateRepository messageTemplateRepository,
     IEmailClient emailClient,
     IEventLogRepository eventLog)
 {
     // Assignments follow parameter order; none of them depends on another.
     this._uow = unitOfWork;
     this._profileRepo = userProfileRepository;
     this._adRepo = customerDomainRepository;
     this._passwordRepo = passwordResetRequestRepository;
     this._emailTemplateRepo = messageTemplateRepository;
     this._emailClient = emailClient;
     this._log = eventLog;
 }